{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "14.04" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "16.04" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "17.10" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "18.04" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "60.0" } ] } ] } } ], "details": "If manipulated hyperlinked text with \"chrome:\" URL contained in it is dragged and dropped on the \"home\" icon, the home page can be reset to include a normally-unlinkable chrome page as one of the home page tabs. This vulnerability affects Firefox \u003c 60.", "id": "CVE-2018-5169", "modified": "2026-03-15T21:48:52.649981905Z", "published": "2018-06-11T21:29:15.810Z", "references": [ { "type": "ADVISORY", "url": "http://www.securityfocus.com/bid/104139" }, { "type": "ADVISORY", "url": "http://www.securitytracker.com/id/1040896" }, { "type": "ADVISORY", "url": "https://usn.ubuntu.com/3645-1/" }, { "type": "ADVISORY", "url": "https://www.mozilla.org/security/advisories/mfsa2018-11/" }, { "type": "REPORT", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1319157" } ], "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "type": "CVSS_V3" } ] }